855f411bd0667b650c4f2fd3c9fbb4fa9209cf40b0d655fa9304dcdd956e0808 | Triage

Analysis

max time kernel
31s
max time network
33s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
10/03/2023, 04:18

Sharing

Report Analysis Logs

General

Target

nevada-4dcdd956e0808.exe
Size

506KB
MD5

99549bcea63af5f81b01decf427519af
SHA1

c7fcbaedf6b077b3d9bfc4720c3860a5d848bcb4
SHA256

855f411bd0667b650c4f2fd3c9fbb4fa9209cf40b0d655fa9304dcdd956e0808
SHA512

e04530a498d749758a7564b8f6a21f923f61fa723c08179a751d0fd8ec31bb085b54d218256494c555dce0c7b655eec33972dfe9b7f220efc57ce3717a7f6c92
SSDEEP

6144:l5BGdXpsv8yHWjRxmrkwql2yVayc4nP4jcyeO9mrmcFEIos52:/BGQkwkwnyVZHScyz9mCc7

Score

8^/10

ransomware

Malware Config

Signatures

Modifies extensions of user files 5 IoCs

Ransomware generally changes the extension on encrypted files.

description	ioc	Process
File renamed	C:\Users\Admin\Pictures\DebugGroup.raw => C:\Users\Admin\Pictures\DebugGroup.raw.NEVADA	nevada-4dcdd956e0808.exe
File opened for modification	C:\Users\Admin\Pictures\RedoReset.tiff	nevada-4dcdd956e0808.exe
File renamed	C:\Users\Admin\Pictures\RedoReset.tiff => C:\Users\Admin\Pictures\RedoReset.tiff.NEVADA	nevada-4dcdd956e0808.exe
File opened for modification	C:\Users\Admin\Pictures\TestApprove.tiff	nevada-4dcdd956e0808.exe
File renamed	C:\Users\Admin\Pictures\TestApprove.tiff => C:\Users\Admin\Pictures\TestApprove.tiff.NEVADA	nevada-4dcdd956e0808.exe

C:\Users\Admin\AppData\Local\Temp\nevada-4dcdd956e0808.exe
"C:\Users\Admin\AppData\Local\Temp\nevada-4dcdd956e0808.exe"
1⤵
- Modifies extensions of user files
PID:2004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1283023626-844874658-3193756055-1000\readme.txt

Filesize
959B

MD5
9bc24ee2fa8ba957fbb4f18cc8b25e0a

SHA1
69136b7d1aced47fc07f4a6b22f840aa7f3d2f05

SHA256
bc51364ed8854b562c2ccdd28732dd3648e416018d0b5e26b6a98f9f011250c3

SHA512
aae62dbef5fc11cc7e09a4193d41511e22dda90c7d10865680f12f697f6fcd65fac6fa5286dc7968b891db09a45977216daa544e7fbdd8eb22122f33527548ae

Download Submit